12 matches found

RedhatCVE
added 2025/05/22 10:47 p.m. · 4 views

CVE-2022-2983

The Salat Times WordPress plugin before 3.2.2 does not sanitize and escape its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...

CVSS 4.8 · AI score 6.2 · EPSS 0.00501
Exploits: 2 · References: 1

OSV
added 2022/11/28 2:15 p.m. · 2 views

CVE-2022-2983

The Salat Times WordPress plugin before 3.2.2 does not sanitize and escape its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...

CVSS 4.8 · AI score 5.8 · EPSS 0.00501
Exploits: 2 · References: 1

NVD
added 2022/11/28 2:15 p.m. · 10 views

CVE-2022-2983

The Salat Times WordPress plugin before 3.2.2 does not sanitize and escape its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...

CVSS 4.8 · EPSS 0.00501
Exploits: 2 · References: 1

Prion
added 2022/11/28 2:15 p.m. · 10 views

Cross site scripting

The Salat Times WordPress plugin before 3.2.2 does not sanitize and escape its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...

CVSS 4.3 · AI score 4.9 · EPSS 0.00501
Exploits: 2 · References: 1 · Affected Software: 1

Cvelist
added 2022/11/28 1:47 p.m. · 14 views

CVE-2022-2983 Salat Times < 3.2.2 - Admin+ Stored Cross-Site Scripting

The Salat Times WordPress plugin before 3.2.2 does not sanitize and escape its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...

AI score 5.2 · EPSS 0.00501
Exploits: 2 · References: 1

Vulnrichment
added 2022/11/28 1:47 p.m. · 3 views

CVE-2022-2983 Salat Times < 3.2.2 - Admin+ Stored Cross-Site Scripting

The Salat Times WordPress plugin before 3.2.2 does not sanitize and escape its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...

AI score 5.1 · EPSS 0.00501
Exploits: 2 · References: 1

CVE
added 2022/11/28 1:47 p.m. · 54 views

CVE-2022-2983

CVE-2022-2983 affects the Salat Times WordPress plugin prior to version 3.2.2. Root cause: settings are not properly sanitized/escaped, enabling stored Cross-Site Scripting by high-privilege users (e.g., admins) even with unfiltered_html disallowed. An exploit payload example is provided (XSS...

CVSS 4.8 · AI score 4.9 · EPSS 0.00501
Exploits: 2 · References: 1 · Affected Software: 1

CNNVD
added 2022/11/28 12:00 a.m. · 2 views

WordPress plugin Salat Times cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVSS 4.8 · AI score 5 · EPSS 0.00501
Exploits: 2 · References: 2

Positive Technologies
added 2022/11/28 12:00 a.m. · 4 views

PT-2022-19861 · WordPress · Salat Times

Name of the Vulnerable Software and Affected Versions: Salat Times WordPress plugin versions prior to 3.2.2
Description: The issue allows high-privilege users, such as admins, to perform Cross-Site Scripting attacks. This is possible because the plugin does not properly sanitize and escape its...

CVSS 4.8 · AI score 4.8 · EPSS 0.00501
Exploits: 2 · References: 4

Patchstack
added 2022/11/02 12:00 a.m. · 13 views

WordPress Salat Times plugin <= 3.2.1 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting (XSS) vulnerability discovered by Asif Nawaz Minhas in the WordPress Salat Times plugin versions = 3.2.2.
Solution: Update the WordPress Salat Times plugin to the latest available version (at least 3.2.2)...

AI score 2.2 · EPSS 0.00501
Exploits: 2 · References: 1 · Affected Software: 1

wpexploit
added 2022/11/02 12:00 a.m. · 87 views

Salat Times < 3.2.2 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. Put the following payload in any text field of Settings Salat Times: " Save, and the XSS will be...

CVSS 4.8 · AI score 5 · EPSS 0.00501
Exploits: 2

WPVulnDB
added 2022/11/02 12:00 a.m. · 15 views

Salat Times < 3.2.2 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. PoC: Put the following payload in any text field of Settings Salat Times: " Save, and the XSS will be...

CVSS 4.8 · AI score 2.6 · EPSS 0.00501
Exploits: 2 · Affected Software: 1